Catastrophic Threats To The Homeland: A Presidential Brief

A worldwide assessment for the 45th President Of The United States

Photo Illustration: R. A. Di Ieso
Jan 21, 2017 at 1:38 PM ET

Editor’s Note: On Friday, January 20, Donald J. Trump stepped into the office of the presidency, with dozens of high-level national security positions still unfilled, feuding with his intelligence agencies, who are investigating possible links between his associates and a foreign power — and, of course, amid reports that he’s skipping his daily intelligence briefings.

And so, we asked national security reporter Marc Ambinder to draft a brief for the new president, summarizing current threats to the United States. It’s not real — but the dangers it lays out are.


This is a consolidated warning briefing from the U.S. Intelligence Community (IC), as presented through the National Intelligence Council, about the existential contingencies that challenge the stability and national security of the United States on a daily basis.

An essential function of the IC is to provide warning against sudden, “bolt-from-the-blue” catastrophic emergencies caused by people, states or by nature; threats whose surfacing could damage our enduring constitutional government.

At a minimum, we must provide you with up-to-the-second information that will allow you to expend executive power, or authorize the use of military force, to preempt, mitigate or destroy the source of these threats.

Providing you with strategic advantage to guard against strategic surprise is a core function of the 17 agencies that comprise the community.

Where does this all come from?

This information is compiled from an array of sources, including human agents in place, technical collection platforms like satellites, and cyberspace campaigns. Certain assertions are backed up by publicly available testimony and reporting. These are cited at the end of this briefing.

This briefing references NTM — “National Technical Means” — a euphemism for National Reconnaissance Office satellite surveillance and National Geospatial Intelligence Agency analysis.

For the sake of clarity, classification banners and portion markers have been removed from the briefing.

Overview: Existential versus Chronic

You will notice that this briefing does not provide information about most of the subjects traditionally associated with the national security domain, including:

  • The security challenges posed by post-war stability operations in Afghanistan and Iraq;
  • The domestic radicalization of Sunni Muslims influenced by ISIL;
  • Transnational narcotics and criminal cartels, and human trafficking;
  • The Syrian civil war, except insofar as it increases the chances of immediate U.S. military conflict with Russia, Syria or Iraq;
  • Chinese nationalism, except insofar as it increases the chances of military conflict in the Taiwan Strait, or on the Korean Peninsula.

Also: this briefing does not cover the potential for sudden threats due to climate change, an asteroid collision, or a gamma ray burst.

Worldwide, Continuing, Catastrophic Threats

Each day, the U.S. intelligence community looks for fresh warning signs and signals from several existential threats to the United States of America:

The Russian ICBM Threat

Background: After a post-Cold War period of neglect, the Russian government has spent trillions of rubles to upgrade the quality, range, accuracy and yields of its entire nuclear fleet, under the aegis of the Russian Strategic Rocket Force (RSVN) modernization program. We estimate that Russia has 7,300 nuclear warheads. [A, I] They have most recently disclosed that they have mated 1796 warheads to delivery platforms, like fighter bombers, nuclear submarines, and intercontinental ballistic missiles. By 2018, they will be required to have reduced these numbers to 1550. These warheads are considered by the IC to be “alert” warheads.

Note: Russia has approximately 2,700 non-deployed warheads, in reserve or in storage. Some are “strategic” and some are designed for battlefield use. These are considered to be threats, but this briefing does not focus on them. There are also about 3,000 strategic warheads and 1,000 tactical warheads that are stockpiled — waiting to be dismantled per treaty. (Federation of American Scientists)

The Threat From Russia: An Overview

Launched from a submarine, a Russian nuclear warhead could reach the United States mainland with little warning — perhaps five minutes at most. However, Russia’s modernization of its boomer fleet has lagged, and most nuclear submarines are immediately detected by the U.S., tracked, and followed, in real time. Two caveats: the Russian Borei-class submarine has proven itself capable of frustrating U.S. naval sensors and evading detection during certain conditions. And late this year, the Russian Navy tested an underwater nuclear-capable drone, nicknamed KANYON (a UUV), in the Atlantic Ocean. [B] The DIA, U.S. Navy and NURO detected this test using traditional underwater surveillance mechanisms; it was designed to be noticed.

A larger warhead launched from a road-mobile platform would be detected by NTM, but NORAD would have trouble determining its exact trajectory, particularly for intermediate range missiles.

Presidential nuclear decision time has not substantially increased since the end of the Cold War.

The United States nuclear command and control system remains vulnerable to cyber attack, conventional disruption and jamming.

Russian combat exercises routinely simulate nuclear attacks on NATO. There is no indication, in public or based on intelligence, that Russia fears a nuclear war with the West or that it intends to start one.

It is very easy for Russia to quickly evade the protocols of START and stack warheads on delivery vehicles in the event of a sudden threat of nuclear war, or if they decide to initiate one. These preparations would likely not be detected by the intelligence community.

If Russia were to mount a conventional attack against NATO, the U.S. would detect a higher level of alert for its nuclear forces. This would in turn generate a higher level of alert at STRATCOM, and there is a chance that the alert escalations might lead to catastrophic consequences.

The Russian “Alert” Force

Using overhead surveillance, on-the-ground observations, and treaty mechanisms, the U.S. and allies try to keep a daily account of these 2,000 warheads positioned on 508 fighters, subs, and missiles. The fighters and missiles are on Russian soil. Russian nuclear submarines are permitted in international waters.

Road-mobile ICBM convoys remain the most challenging threat to monitor. In 2010, the Russians attached a number of SS-27 (“Topol-M”) ICBMs to these convoys. START prohibits these from bearing more than one warhead.

Russian Cheating

But each missile is capable of bearing at least 3 warheads, and as many as six. If Russia were to field multiple warheads on these missiles, it would violate START. The intelligence community is not able to reliably determine how many warheads are mated to the deployed Topol-Ms.

Under START and other treaties, existing stockpiles must be dismantled “in the open,” where satellites can monitor them. Specific protocols must also be followed. In 2015, the U.S. discovered that the Russians had dismantled, but not destroyed, critical components of their SS-25 “Sickle” ICBMs, suggesting that they planned to use these components for other purposes.

Emerging Threat: RS-24/RS-26 (Yars, Yars-M)

Deployed in road mobile convoys: approximately 60-70

Yield: 100 Kilotons

Range: 6,900 miles

MIRV Capable: 4

The IC estimates that the latest iteration, the Yars-M, is capable of fielding 10 warheads. These missiles have reduced initial heat signatures, making them harder for NTM to detect, and a slim telemetry profile.

The Russians deployed at least ten new RS-24s into their convoys in 2016, located in the Caucasus and Siberia. Some RS-26s may also be deployed.

DIA reports that “Russian forces have conducted exercises and a record number of out-of-area air and naval operations. We expect these to continue this year to include greater activity in the Caribbean and Mediterranean Seas.”

ROAD MOBILE ICBMs: “Russia will field more road-mobile SS-27 Mod-2 ICBMs with multiple independently targetable re-entry vehicles. It also will continue development of the RS-26 ballistic missile, the Dolgorukiy ballistic missile submarine, its SS-N-32 Bulava submarine-launched ballistic missile, and next-generation air and ground-launched cruise missiles.” (TSC)

The Russian Navy has increased its aggressive surveillance of U.S. intelligence-gathering platforms at sea.

Russian Command and Control of Nuclear Weapons

Russian Mobile ICBMs are under the command and control of the Commander of the Russian Strategic Rocket Forces, who reports directly to the Chief of the General Staff.

Russia uses an Automated Ballistic Missile Command and Control System (ASBU) to control launch preparation, warning instructions, targeting and retargeting, and launch code dissemination.

It is believed, but not confirmed, that President Putin and the Chief of the General Staff can independently enable or disable the entire launch chain, using Kavkaz, a hardened, jam-resistant multi-spectrum communications network developed at the end of the Cold War.

The Chinese Nuclear Threat

The Chinese nuclear force has a much smaller footprint than either the United States or Russia. Its delivery platforms rely on old technology.

Chinese investment in modern ICBMs, solid-fuel missile technology, and the deployment in eastern China of road-mobile or rail-mobile platforms have accelerated the date when it will no longer be possible to rapidly detect distinct missile launches from that region and provide ample warning time to the President.

We estimate that China has between 50 and 75 mated warheads that could threaten the west coast of the United States, about 10 platforms that could threaten the Korean peninsula, and is close to developing the technology to accurately target a U.S. warship with a nuclear warhead.

Overall, China has about 160 nuclear warheads either deployed or in storage.

The Chinese Nuclear Threat: NC2

The I.C. is reasonably certain that China accepts traditional principles of nuclear deterrence and would not launch a strike without warning or considerable provocation. We note, however, that China considers its dominion over Taiwan to be an existential concern, and might risk a limited, conventional conflict with the United States. The chances of a “conventional” conflict escalating into a nuclear one are low, but the I.C. possesses little direct information about Chinese nuclear command and control (NC2) procedures.

Our best estimate is that Chinese NC2 is tightly controlled by the Central Military Council only, and that People’s Liberation Army (PLA) Rocket Force and PLA Strategic Support Force do not have pre-authorization to use strategic or tactical nuclear weapons in certain instances. It is not clear if President Xi, recently given the title of Commander-in-Chief of the Joint Forces, has sole authority, or whether there is any pre-delegation for the purposes of establishing a counter-strike capability.

The Chinese Nuclear Threat: DF-41

The I.C. has determined that China has successfully fielded its DF-41 ICBM in eastern China. The DF-41’s range is estimated to be at least 12,000 kilometers, or about 7,500 miles, giving it the ability to strike the Western United States. (China claims that this missile has a range of 14,000 kilometers; the I.C. does not have enough information to determine if its claim is credible.)

The Chinese Nuclear Threat From The Sea

We do not believe that Chinese leaders have permitted an actual nuclear warhead to be brought aboard a Chinese nuclear submarine. The new Chinese Jin class SSBN poses a formidable challenge to interests in the South China Sea, but boasts about its nuclear prowess are premature. The U.S. intelligence community’s Anti-Submarine Warfare (ASW) sensors and assets have successfully tracked Jin-class subs in stealth mode.

North Korea: The Threat Of A Flash War

The I.C. has very little insight into the inner circle of Kim Jong-un, and has limited knowledge of his intentions. Most of our reliable intelligence comes from South Korea and from China, when China decides to provide it.

South Korea, to whose defense the United States is committed by treaty, is extremely vulnerable to a massive conventional invasion, to an attack from the air by missiles, or to a popular uprising demanding action against North Korea in response to a deadly military provocation.

A war against the South could begin with very little warning, given that the DPRK already deploys troops and regiments and supply lines in war-time configurations.

The U.S. response to a DPRK invasion of South Korea is described in OPLANs 5015 and 5027, which will be briefed separately.

North Korea: The Missile Threat

North Korea is currently not capable of provisioning an ICBM with a warhead that could reach the contiguous United States.

Its most dangerous, deployable missile is the No-dong, which can reach Japan with a nuclear-level throw weight. The DPRK has other weapons in its arsenal, but they have proven unreliable in tests we’ve been able to monitor.

Taepodong 1: can reach Guam and Hawaii

Taepodong 2: can reach Alaska, but cannot be mated with warheads that DPRK is capable of producing.

Unha 3: in development; can reach, in theory, the contiguous U.S.

Note: There are 14 U.S. military facilities within the range of the DPRK’s most durable intermediate-range missile.

Quantum Computing Disruption

China, Israel, Russia, Japan, Canada, Australia and numerous global commercial entities are working on developing quantum computing technology.

A successful quantum attack against critical servers could, in the space of a single day, uproot economics, expose military secrets, and alter the geopolitical balance of power.

Quantum projects are highly compartmentalized secrets, even within private companies, and the U.S. intelligence community might not know how close a country is to making it work.

A working quantum computer, after replicating itself, could break several of the most common types of encryption used by the U.S. government, by banks, utilities, and the Internet.

Asymmetric encryption schemes, like the popular RSA key exchange protocol, are thought to be highly vulnerable to a quantum attack.

Catastrophic Cyber Attack Potentialities

The cyber landscape poses numerous threats not covered by this briefing, which is dedicated solely to existential dangers. We assess that four adversarial state actors — China, Russia, and to a lesser extent, North Korea and Iran — are capable of generating these types of attacks, although their relative likelihood differs.

An attack against electronic payment and debit systems could render online banking inoperable and immediately damage the full faith and credit of the country.

An attack using the non-secure nodes of the “Internet of Things” could disable swathes of the Internet, or critical systems relying on the Internet.

SCADA systems — the mechanisms, servers and software that control the automation for telecoms, power plants, other utilities and industrial facilities — are still highly vulnerable to all sorts of attack; successful attacks could disable systems that the U.S. government relies on for basic functions. Russia and China have attempted to place malware inside U.S. electric grid SCADA systems.

The U.S. government uses commercial cloud services for unclassified, sensitive and even classified communication, storage and information processing. Although there is redundancy and the U.S. does operate several completely segregated, autonomous communication networks, a conventional attack against several cloud servers and providers could cripple the U.S. government for an unknown period of time.

A concentrated attack against the critical technology infrastructure at a gathering of VIPs, politicians and national leaders could render the U.S. highly vulnerable to follow-on attacks.

High Altitude Electromagnetic Pulse (HEMP) Attack

A nuclear weapon, if exploded at the right altitude, will produce an immense and energetic electromagnetic field that could propagate down to the earth and fry microelectronic circuits.

Nations that possess the ability to send warheads into the air — these include Iran and North Korea, as well as China and Russia — could use the physics of HEMP as a tactical measure against U.S. or adversary forces with little advance warning.

There is little consensus in the intelligence community about the likelihood of such an attack, but widespread consensus about the immediate disruptive effects to anything electronic. Recovery could take months, if not years. The affected area could be small — or country-wide, depending upon the yield of the weapon and the altitude of the explosion.

Nuclear Terrorism

The Intelligence Community places a top priority on preventing the spread of loose nuclear materials and the dissemination of material and information that could be used by terrorists to obtain or fabricate a nuclear weapon.

A radiological weapon — a dirty bomb, made up of an explosive and obtainable cesium — is a far likelier threat in the near term. A detonation in an American city might produce few immediate casualties and contribute only marginally to an increased rate of cancer, but it would undoubtedly cause instant, country-wide panic and pose problems of an existential nature for the President. Therefore, we consider this an existential threat, too.

Al-Qaeda regularly expressed an interest in procuring a nuclear weapon; the threat from AQ is no longer deemed existential. It is also significant that the amount of highly enriched uranium in states like Libya is much lower today. But knowledge about nuclear weapons is diffuse across the Middle East, and as ISIS’ grip on the Levant is loosened, it may resort to more desperate measures. Radicalization of a “homegrown” radiological terrorist is a recognizable but largely unpreventable threat, and ISIS has the financial resources to invest in people and technology, if they wish.

Chem/Bio Threats

China, Iran, Russia, North Korea, and Syria possess, to some degree or another, active biological/chemical warfare programs, often in contravention of a treaty.

The direct threat of a bolt-from-the-blue attack using these means is low, but it must be considered among the spectrum of potentially catastrophic, immediate emergencies that would create significant instability.

China and Russia have expressed interest in genomic editing. As Director of National Intelligence James Clapper has testified: “Given the broad distribution, low cost, and accelerated pace of development of this dual-use technology, its deliberate or unintentional misuse might lead to far-reaching economic and national security implications.”

Iran: The Nuclear Threat

In 2015, Iran agreed to degrade its ability to produce nuclear material and curtail its weapons program, subject to verification.

There are no solid indications that Iran is currently working on weaponizing the nuclear material in its possession.

The protocols of the agreement allow for significant, but not unlimited, monitoring and verification.

It is probable that Iran continues covert laboratory research on the fabrication of nuclear warheads and on ballistic missile technologies.

The possibility of a rapid “break-out” is low, but not vanishingly so.

War in Europe

NATO remains somewhat vulnerable to a Russian invasion, even though there are considerable intelligence assets in place that would provision an early warning.

The threat of a sudden war is low, but it has grown during the past five years, as Russian nationalism has seen its efforts bear fruit in Crimea, and as NATO has responded by stepping up military preparations and enhancing alert.

There are about 150 U.S. nuclear weapons in Europe; nuclear procedures exercises are conducted bi-yearly, and these weapons are mated to missiles capable of reaching Russia.

This year Russia installed sophisticated ballistic missile defenses along the Baltic Sea, and increased the intensity of its provocative air, sea and land wargames. NATO has responded in kind.

The U.S. presidential election unnerved NATO and generated a significant degree of debate about Europe’s commitment to its own defense.

The continent remains as vulnerable to a fusillade of Russian missiles as it was during the latter stages of the Cold War.

Beyond an accident that is misinterpreted as provocative, the most likely conflict scenario is an annexation-style slow-motion invasion of neighboring Latvia, using special forces, proxy troops and information operations, followed by a quick and surgical decapitation strike.

Given its doctrinal roots in the Cold War, NATO is obligated to respond to a direct, armed invasion with an armed response if deemed necessary.

Threat Of War Between Pakistan and India

Pakistan has 140 nuclear weapons. India has 100.

The Intelligence Community has fairly good visibility about the locations of these weapons, and a fairly granular sense of nuclear command and control in both countries.

Pakistan’s nuclear arsenal remains vulnerable to terrorists, and the command and control arrangements are vulnerable to political/military coups.

Pakistan also attempts to hide its weapons from the United States out of a fear that the U.S. intends to disable them pre-emptively.

While a conventional conflict over Kashmir could turn nuclear, both countries have made progress in recent years at establishing better de-escalation mechanisms.

Missile Defenses Against A Sudden Attack

At present, the U.S. has three main missile defense systems in operation. The Ground-Based Midcourse Defense uses rockets to intercept ICBMs in space, from the ground. There are about 45 operational sites. Testing on warheads with different trajectories and decoys continues. A second system (Aegis) uses missiles launched from destroyers at sea to destroy warheads during their “terminal,” or space-to-target phase. The U.S. Army operates the Terminal High Altitude Area Defense system (THAAD), and is testing its deployment at sites in Turkey, Germany, and South Korea. Other missile defense systems protect against shorter-range, lower-yield missiles. As President, you will likely decide where to field these systems, which will, in turn, provoke a response from adversaries.

These systems were designed to deter, in a general sense, and to protect the U.S. mainland and allies from one-off, provocational or accidental attacks. They will not shield the U.S. from a major “bolt from the blue” attack by Russia or China.

The Russians and the Chinese continue to develop warheads and missiles designed to foil the technology that the existing system is being built upon.

Technical Pre-emption of Surprise Attack

The Defense Department and the intelligence community have developed a set of highly classified tools, called “Integrated Joint Special Technical Operations,” to jam, spoof and otherwise frustrate Russian and Chinese sensors, early warning platforms, and nuclear command and control systems. (Our adversaries have similar systems.)

The National Reconnaissance Office will use low-observable cubesat constellations to more precisely monitor Soviet and Chinese mobile ICBM deployments.

President Obama determined that Russian, Chinese, Pakistani and Indian nuclear command and control systems were priority intelligence requirements, leading to significant intelligence breakthroughs, and in some cases, CIA operational activity designed to give the President of the United States a hidden, but active hand in preventing some nuclear missile launches in some combat theatres.

The Joint System Engineering and Integration Office, based at Ft. Meade, is the focal point for “system-of-systems engineering of secure and survivable communications solutions under all possible environmental conditions,” and responds dynamically to intelligence collected about nuclear command and control.